Glossary

Simple definitions and explanations of Kubernetes components, concepts, and security terms

component

API Server

The central management component that exposes the Kubernetes API

attack

Container Escape

A security vulnerability where an attacker breaks out of a container to access the host system

resource

CustomResourceDefinition

A way to extend Kubernetes by defining your own resource types

resource

DaemonSet

Ensures a copy of a Pod runs on all or selected nodes in the cluster

resource

Deployment

A controller that manages the desired state of Pods and ReplicaSets

component

etcd

The distributed key-value store that holds all Kubernetes cluster state

resource

Ingress

Manages external HTTP/HTTPS access to services in the cluster

component

kube-proxy

A network proxy that runs on each node and maintains network rules for Services

component

Kubelet

The agent running on each node that manages Pods and containers

resource

Pod

The smallest deployable unit in Kubernetes that can be created and managed

security

RBAC (Role-Based Access Control)

A method of regulating access to computer or network resources based on the roles of individual users

resource

Service

An abstraction that exposes a set of Pods as a network service

resource

ServiceAccount

An identity for processes running inside Pods to authenticate with the API server